source-changes: DF bit processing in tunnelling devices

Subject: DF bit processing in tunnelling devices
To: None <thorpej@netbsd.org>
From: None <itojun@iijlab.net>
List: source-changes
Date: 07/06/2000 06:59:05

>Module Name:	syssrc
>Committed By:	thorpej
>Date:		Wed Jul  5 21:01:39 UTC 2000
>Modified Files:
>	syssrc/sys/netinet: in_gif.c
>Log Message:
>RFCs 1853, 2003, 2401 -- copy the DF bit.

	i'm not 100% sure if we should do this or not.
	RFC2401 says that the DF bit behavior should be configurable
	(copy, zero-clear, or set) in 6.1.1.  appendix B has more meat.

	with "copy" behavior, you will see more ICMP too big message, which
	can choke in environment with icmp filtered (bad practice, but
	we see too many of this).  good thing is that we can get better
	performance if everyone does path MTU discovery right.
	- your tunnel router got 1500bytes of native IPv4 packet, with
	  DF bit set
	- gif_output encapsulates it, copy DF bit (now 1520bytes)
	- ip_output chokes and sends ICMP too big message

itojun